Slide1
Privacy and User Trust in Context-Aware Systems
Saskia Koldijk (1,2), Gijs Koot (2), Mark Neerincx (1,3), Wessel Kraaij (1,2)
www.swell-project.net
(1) (2) (3)
Slide2
Recent trends
Big data, advances in sensing, smartphones, ubiquitous user modeling…
Opportunity: Context Aware Systems
  Better personalized and contextualized services
Threat: Privacy
  Losing control over personal (context) data
Definition CAS: “use of environmental elements by applications to personalize their service for the user” [1].
Definition Privacy: “boundary control process in which individuals regulate when, how, and to what extent information about them is communicated to others” [2].
Slide3
How to build a privacy-friendly CAS?
Outline of this talk
Introduction context aware SWELL system
Privacy Impact Assessment
How to apply Privacy by Design
User study: Effects of Privacy by Design, on
  Trust
  Attitude towards using the system
Results
Slide5
SWELL
Problem to address:
Knowledge workers often experience stress building up, which in the worst case results in burn-out.
Slide6
SWELL Workload Mirror to look back at the day:
I work in the office from 9 till 5. I perform knowledge work. My work is demanding. I often feel so tired.
Slide7
SWELL tool: Workload Mirror to manage well-being at work
1) Working behavior is captured with sensors and the system learns to interpret this personal data.
2) Intelligible information is provided as feedback to help adjust behavior and improve well-being.
Content worked on
Mental effort/energy
Computer activity
Posture
Facial expressions
Can collect:
Overview of:
Tasks
Stress
Self reports
Slide9
Privacy Impact Assessment
Detect potential privacy problems before the development of a new technology
Question catalogue
Slide10
Results: Important privacy aspects (1)
Goal of data collection
  The goal of data collection should be clearly described.
  The user should have a clear view on what the system does and how the data is used.
Type of data
  The user must know which data is collected.
  Which data is collected and processed will be kept to a minimum to enable required functionality.
  The data should be stored as aggregated as possible.
  The system should provide an alternative means to provide data (e.g. manual user input).
Reactions to the system
  The user should be aware of his privacy settings.
User control
  The user must give permission to collect data, based on a well-informed decision.
  The user should be able to see his own data and delete data.
Slide11
Results: Important privacy aspects (2)
Quality of the data
  The system should give correct information.
  The user should be able to check and correct the data.
Security of the data
  The data should be stored as locally as possible.
  The data should be encrypted.
  Others should not have access to your data.
Data responsibilities
  A security plan should be established to prevent unauthorized access.
  All involved parties should adhere to the security plan.
Data sharing
  When the user voluntarily shares data, it should be shared in line with the user’s expectations.
  The user must know who (if applicable) will have access to the data.
Slide13
Privacy by Design
Outlined privacy aspects can be addressed from the developer's side!
Apply 8 Privacy Design Strategies
CAS follows current privacy legislation
‘Privacy Patterns’ used for implementation
Cavoukian (2012)
Hoepman (2012)
Slide14
8 Privacy Design Strategies (+ patterns)
Hoepman (2012)
1. Inform
  Informed consent
  Privacy Dashboard
2. Control
  Privacy Choices
3. Minimize
  Pseudonyms
  Anonymization (k-anonymity)
4. Separate
  Decentralisation
  Horizontal/vertical data separation
Slide15
8 Privacy Design Strategies (+ patterns)
Hoepman (2012)
5. Aggregate
  Aggregate over time
  Blur personal data
6. Hide
  Authentication
  Store data encrypted
7. Enforce & 8. Demonstrate
  Sticky Policies
Slide17
Effect on Users’ Attitudes
124 participants
Presentation SWELL system
Between subject design: Privacy information (yes/no)
Questionnaire on:
  Transparency
  Privacy/Trust
  Attitude towards use of the SWELL system
Hypothesized model:
Slide18
Privacy by Design <Privacy group>
Purpose limitation: The collected data is only used for giving yourself insights to enable self-management.
Control: You can enable or disable the computer logging, camera or Kinect sensors.
Data minimization: The tool only processes data that is necessary to provide the functionality that you desire, e.g. the tool will use document content only when you want an overview of topics worked on.
Data aggregation: The sensor data is processed locally on your device. Only summary information, like topics, average posture or facial expression, is stored – no keystrokes or video.
Adequate protection: Your data is hidden from unauthorized access.
Data subject's right: You have full control over your data, can view or delete it.
Slide19
Installing SWELL
Goal of the SWELL tool: Supporting self-management of stress.
You can enable or disable functionalities as you wish, such that the SWELL tool optimally supports you with functionality that you desire.
E.g. you can decide if you want to share (parts of) information with others.
<Privacy group>
Slide20
Installing SWELL
Goal of the SWELL tool: Supporting self-management of stress.
You can enable or disable functionalities as you wish, such that the SWELL tool optimally supports you with functionality that you desire.
E.g. you can decide if you want to share (parts of) information with others.
<Control group>
Slide22
Results
Privacy information had a positive effect on perceived privacy/trust in the SWELL system
Attitude towards using the SWELL system was not related to perceived privacy/trust!!
related to personal motivation!
(* significant at the 0.05 level, ** significant at the 0.01 level)
Slide23
Conclusions
There are users that state privacy concerns; nevertheless they are going to use the system (when they have personal motivation)
‘Privacy paradox’, also found in related work
It is important to implement Privacy by Design to adequately protect the privacy of the users!
The 8 Privacy Strategies are an easy starting point for developing privacy-friendly CAS, use them
Slide24
References
Dey, A. K., Brown, & Abowd, G. D. (1999). Towards a better understanding of context and context-awareness. In Handheld and ubiquitous computing (pp. 304-307). Springer Berlin Heidelberg.
Van De Garde-Perik, E., Markopoulos, P., De Ruyter, B., Eggen, B., & Ijsselsteijn, W. (2008). Investigating privacy attitudes and behavior in relation to personalization. Social Science Computer Review, 26(1), 20-43.
Cavoukian, A. (2012). Operationalizing Privacy by Design: A Guide to Implementing Strong Privacy Practices. Ontario: Information and Privacy Commissioner of Ontario.
Hoepman, J. H. (2012). Privacy Design Strategies. arXiv preprint arXiv:1210.6621.
Slide25
Thank you for your attention!
Privacy and User Trust in Context-Aware Systems
Saskia Koldijk (1,2), Gijs Koot (2), Mark Neerincx (1,3), Wessel Kraaij (1,2)
Publications: cs.ru.nl/~skoldijk
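The Control, Data minimization and Data aggregation statements from the "Privacy by Design <Privacy group>" slide, as an added Python example that is not part of the original slides or the SWELL tool's code. The event fields, setting names and the `summarize` function are assumptions, and the sample events are constructed.

```python
from collections import Counter
from statistics import mean

# Constructed raw events for one time window; field names are assumptions.
RAW_EVENTS = [
    {"sensor": "computer_logging", "keys": "hello", "doc_text": "stress report draft"},
    {"sensor": "computer_logging", "keys": "stress notes", "doc_text": "stress survey"},
    {"sensor": "camera", "frame": b"\x00\x01", "expression": "neutral"},
    {"sensor": "camera", "frame": b"\x02\x03", "expression": "neutral"},
    {"sensor": "camera", "frame": b"\x04\x05", "expression": "frown"},
    {"sensor": "kinect", "lean_deg": 10.0},
    {"sensor": "kinect", "lean_deg": 14.0},
]

# Hypothetical user settings: per-sensor switches plus one optional feature.
DEFAULT_SETTINGS = {
    "sensors": {"computer_logging": True, "camera": True, "kinect": False},
    "topic_overview": False,
}

def summarize(events, settings):
    """Turn one window of raw events into the only record that gets stored."""
    # Control: events from a disabled sensor are dropped before any processing.
    events = [e for e in events if settings["sensors"].get(e["sensor"], False)]
    summary = {}

    logs = [e for e in events if e["sensor"] == "computer_logging"]
    if logs:
        # Aggregation: keep the typing volume, never the typed characters.
        summary["avg_keys_per_event"] = round(mean(len(e["keys"]) for e in logs), 1)
        # Minimization: document content is read only if the user wants topics.
        if settings["topic_overview"]:
            counts = Counter(w for e in logs for w in e["doc_text"].lower().split())
            ranked = sorted(counts.items(), key=lambda kv: (-kv[1], kv[0]))
            summary["topics"] = [word for word, _ in ranked[:2]]

    faces = [e["expression"] for e in events if e["sensor"] == "camera"]
    if faces:
        # Only the most frequent expression label is kept; frames are discarded.
        summary["dominant_expression"] = Counter(faces).most_common(1)[0][0]

    angles = [e["lean_deg"] for e in events if e["sensor"] == "kinect"]
    if angles:
        summary["avg_lean_deg"] = round(mean(angles), 1)
    return summary

if __name__ == "__main__":
    print(summarize(RAW_EVENTS, DEFAULT_SETTINGS))
```
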